Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-__func__.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-auto.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-auto_fail_compile.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-auto_ret_type.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-builtin-swap.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-chrono.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-class_override_final.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-class_override_final_fail_compile.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-constexpr.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-cstdint.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-decltype.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-declval.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-functional.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-initializer_list.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-lambda.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-long_long.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-noexcept.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-nullptr.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-nullptr_fail_compile.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-regex.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-rvalue-references.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-sizeof_member.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-sizeof_member_fail.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-static_assert.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-static_assert_fail_compile.cpp
Examining data/libtins-4.0/cmake/Modules/CheckCXXFeatures/cxx-test-variadic_templates.cpp
Examining data/libtins-4.0/examples/arpmonitor.cpp
Examining data/libtins-4.0/examples/arpspoofing.cpp
Examining data/libtins-4.0/examples/beacon_display.cpp
Examining data/libtins-4.0/examples/defragmenter.cpp
Examining data/libtins-4.0/examples/dns_queries.cpp
Examining data/libtins-4.0/examples/dns_spoof.cpp
Examining data/libtins-4.0/examples/dns_stats.cpp
Examining data/libtins-4.0/examples/http_requests.cpp
Examining data/libtins-4.0/examples/icmp_responses.cpp
Examining data/libtins-4.0/examples/interfaces_info.cpp
Examining data/libtins-4.0/examples/portscan.cpp
Examining data/libtins-4.0/examples/route_table.cpp
Examining data/libtins-4.0/examples/stream_dump.cpp
Examining data/libtins-4.0/examples/tcp_connection_close.cpp
Examining data/libtins-4.0/examples/traceroute.cpp
Examining data/libtins-4.0/examples/wps_detect.cpp
Examining data/libtins-4.0/include/tins/address_range.h
Examining data/libtins-4.0/include/tins/arp.h
Examining data/libtins-4.0/include/tins/bootp.h
Examining data/libtins-4.0/include/tins/constants.h
Examining data/libtins-4.0/include/tins/crypto.h
Examining data/libtins-4.0/include/tins/cxxstd.h
Examining data/libtins-4.0/include/tins/data_link_type.h
Examining data/libtins-4.0/include/tins/detail/address_helpers.h
Examining data/libtins-4.0/include/tins/detail/icmp_extension_helpers.h
Examining data/libtins-4.0/include/tins/detail/pdu_helpers.h
Examining data/libtins-4.0/include/tins/detail/sequence_number_helpers.h
Examining data/libtins-4.0/include/tins/detail/smart_ptr.h
Examining data/libtins-4.0/include/tins/detail/type_traits.h
Examining data/libtins-4.0/include/tins/dhcp.h
Examining data/libtins-4.0/include/tins/dhcpv6.h
Examining data/libtins-4.0/include/tins/dns.h
Examining data/libtins-4.0/include/tins/dot11.h
Examining data/libtins-4.0/include/tins/dot11/dot11_assoc.h
Examining data/libtins-4.0/include/tins/dot11/dot11_auth.h
Examining data/libtins-4.0/include/tins/dot11/dot11_base.h
Examining data/libtins-4.0/include/tins/dot11/dot11_beacon.h
Examining data/libtins-4.0/include/tins/dot11/dot11_control.h
Examining data/libtins-4.0/include/tins/dot11/dot11_data.h
Examining data/libtins-4.0/include/tins/dot11/dot11_mgmt.h
Examining data/libtins-4.0/include/tins/dot11/dot11_probe.h
Examining data/libtins-4.0/include/tins/dot1q.h
Examining data/libtins-4.0/include/tins/dot3.h
Examining data/libtins-4.0/include/tins/eapol.h
Examining data/libtins-4.0/include/tins/endianness.h
Examining data/libtins-4.0/include/tins/ethernetII.h
Examining data/libtins-4.0/include/tins/exceptions.h
Examining data/libtins-4.0/include/tins/handshake_capturer.h
Examining data/libtins-4.0/include/tins/hw_address.h
Examining data/libtins-4.0/include/tins/icmp.h
Examining data/libtins-4.0/include/tins/icmp_extension.h
Examining data/libtins-4.0/include/tins/icmpv6.h
Examining data/libtins-4.0/include/tins/ieee802_3.h
Examining data/libtins-4.0/include/tins/internals.h
Examining data/libtins-4.0/include/tins/ip.h
Examining data/libtins-4.0/include/tins/ip_address.h
Examining data/libtins-4.0/include/tins/ip_reassembler.h
Examining data/libtins-4.0/include/tins/ipsec.h
Examining data/libtins-4.0/include/tins/ipv6.h
Examining data/libtins-4.0/include/tins/ipv6_address.h
Examining data/libtins-4.0/include/tins/llc.h
Examining data/libtins-4.0/include/tins/loopback.h
Examining data/libtins-4.0/include/tins/macros.h
Examining data/libtins-4.0/include/tins/memory_helpers.h
Examining data/libtins-4.0/include/tins/mpls.h
Examining data/libtins-4.0/include/tins/network_interface.h
Examining data/libtins-4.0/include/tins/offline_packet_filter.h
Examining data/libtins-4.0/include/tins/packet.h
Examining data/libtins-4.0/include/tins/packet_sender.h
Examining data/libtins-4.0/include/tins/packet_writer.h
Examining data/libtins-4.0/include/tins/pdu.h
Examining data/libtins-4.0/include/tins/pdu_allocator.h
Examining data/libtins-4.0/include/tins/pdu_cacher.h
Examining data/libtins-4.0/include/tins/pdu_iterator.h
Examining data/libtins-4.0/include/tins/pdu_option.h
Examining data/libtins-4.0/include/tins/pktap.h
Examining data/libtins-4.0/include/tins/ppi.h
Examining data/libtins-4.0/include/tins/pppoe.h
Examining data/libtins-4.0/include/tins/radiotap.h
Examining data/libtins-4.0/include/tins/rawpdu.h
Examining data/libtins-4.0/include/tins/rsn_information.h
Examining data/libtins-4.0/include/tins/sll.h
Examining data/libtins-4.0/include/tins/small_uint.h
Examining data/libtins-4.0/include/tins/snap.h
Examining data/libtins-4.0/include/tins/sniffer.h
Examining data/libtins-4.0/include/tins/stp.h
Examining data/libtins-4.0/include/tins/tcp.h
Examining data/libtins-4.0/include/tins/tcp_ip/ack_tracker.h
Examining data/libtins-4.0/include/tins/tcp_ip/data_tracker.h
Examining data/libtins-4.0/include/tins/tcp_ip/flow.h
Examining data/libtins-4.0/include/tins/tcp_ip/stream.h
Examining data/libtins-4.0/include/tins/tcp_ip/stream_follower.h
Examining data/libtins-4.0/include/tins/tcp_ip/stream_identifier.h
Examining data/libtins-4.0/include/tins/tcp_stream.h
Examining data/libtins-4.0/include/tins/timestamp.h
Examining data/libtins-4.0/include/tins/tins.h
Examining data/libtins-4.0/include/tins/udp.h
Examining data/libtins-4.0/include/tins/utils.h
Examining data/libtins-4.0/include/tins/utils/checksum_utils.h
Examining data/libtins-4.0/include/tins/utils/frequency_utils.h
Examining data/libtins-4.0/include/tins/utils/pdu_utils.h
Examining data/libtins-4.0/include/tins/utils/radiotap_parser.h
Examining data/libtins-4.0/include/tins/utils/radiotap_writer.h
Examining data/libtins-4.0/include/tins/utils/resolve_utils.h
Examining data/libtins-4.0/include/tins/utils/routing_utils.h
Examining data/libtins-4.0/src/address_range.cpp
Examining data/libtins-4.0/src/arp.cpp
Examining data/libtins-4.0/src/bootp.cpp
Examining data/libtins-4.0/src/crypto.cpp
Examining data/libtins-4.0/src/detail/address_helpers.cpp
Examining data/libtins-4.0/src/detail/icmp_extension_helpers.cpp
Examining data/libtins-4.0/src/detail/pdu_helpers.cpp
Examining data/libtins-4.0/src/detail/sequence_number_helpers.cpp
Examining data/libtins-4.0/src/dhcp.cpp
Examining data/libtins-4.0/src/dhcpv6.cpp
Examining data/libtins-4.0/src/dns.cpp
Examining data/libtins-4.0/src/dot11/dot11_assoc.cpp
Examining data/libtins-4.0/src/dot11/dot11_auth.cpp
Examining data/libtins-4.0/src/dot11/dot11_base.cpp
Examining data/libtins-4.0/src/dot11/dot11_beacon.cpp
Examining data/libtins-4.0/src/dot11/dot11_control.cpp
Examining data/libtins-4.0/src/dot11/dot11_data.cpp
Examining data/libtins-4.0/src/dot11/dot11_mgmt.cpp
Examining data/libtins-4.0/src/dot11/dot11_probe.cpp
Examining data/libtins-4.0/src/dot1q.cpp
Examining data/libtins-4.0/src/dot3.cpp
Examining data/libtins-4.0/src/eapol.cpp
Examining data/libtins-4.0/src/ethernetII.cpp
Examining data/libtins-4.0/src/handshake_capturer.cpp
Examining data/libtins-4.0/src/hw_address.cpp
Examining data/libtins-4.0/src/icmp.cpp
Examining data/libtins-4.0/src/icmp_extension.cpp
Examining data/libtins-4.0/src/icmpv6.cpp
Examining data/libtins-4.0/src/ip.cpp
Examining data/libtins-4.0/src/ip_address.cpp
Examining data/libtins-4.0/src/ip_reassembler.cpp
Examining data/libtins-4.0/src/ipsec.cpp
Examining data/libtins-4.0/src/ipv6.cpp
Examining data/libtins-4.0/src/ipv6_address.cpp
Examining data/libtins-4.0/src/llc.cpp
Examining data/libtins-4.0/src/loopback.cpp
Examining data/libtins-4.0/src/memory_helpers.cpp
Examining data/libtins-4.0/src/mpls.cpp
Examining data/libtins-4.0/src/network_interface.cpp
Examining data/libtins-4.0/src/offline_packet_filter.cpp
Examining data/libtins-4.0/src/packet_sender.cpp
Examining data/libtins-4.0/src/packet_writer.cpp
Examining data/libtins-4.0/src/pdu.cpp
Examining data/libtins-4.0/src/pdu_iterator.cpp
Examining data/libtins-4.0/src/pdu_option.cpp
Examining data/libtins-4.0/src/pktap.cpp
Examining data/libtins-4.0/src/ppi.cpp
Examining data/libtins-4.0/src/pppoe.cpp
Examining data/libtins-4.0/src/radiotap.cpp
Examining data/libtins-4.0/src/rawpdu.cpp
Examining data/libtins-4.0/src/rsn_information.cpp
Examining data/libtins-4.0/src/sll.cpp
Examining data/libtins-4.0/src/snap.cpp
Examining data/libtins-4.0/src/sniffer.cpp
Examining data/libtins-4.0/src/stp.cpp
Examining data/libtins-4.0/src/tcp.cpp
Examining data/libtins-4.0/src/tcp_ip/ack_tracker.cpp
Examining data/libtins-4.0/src/tcp_ip/data_tracker.cpp
Examining data/libtins-4.0/src/tcp_ip/flow.cpp
Examining data/libtins-4.0/src/tcp_ip/stream.cpp
Examining data/libtins-4.0/src/tcp_ip/stream_follower.cpp
Examining data/libtins-4.0/src/tcp_ip/stream_identifier.cpp
Examining data/libtins-4.0/src/tcp_stream.cpp
Examining data/libtins-4.0/src/timestamp.cpp
Examining data/libtins-4.0/src/udp.cpp
Examining data/libtins-4.0/src/utils/checksum_utils.cpp
Examining data/libtins-4.0/src/utils/frequency_utils.cpp
Examining data/libtins-4.0/src/utils/pdu_utils.cpp
Examining data/libtins-4.0/src/utils/radiotap_parser.cpp
Examining data/libtins-4.0/src/utils/radiotap_writer.cpp
Examining data/libtins-4.0/src/utils/resolve_utils.cpp
Examining data/libtins-4.0/src/utils/routing_utils.cpp
Examining data/libtins-4.0/tests/active_tests/include/active_test.h
Examining data/libtins-4.0/tests/active_tests/include/active_test_runner.h
Examining data/libtins-4.0/tests/active_tests/include/configuration.h
Examining data/libtins-4.0/tests/active_tests/include/ipv4_tests.h
Examining data/libtins-4.0/tests/active_tests/include/packet_capturer.h
Examining data/libtins-4.0/tests/active_tests/include/tcp_tests.h
Examining data/libtins-4.0/tests/active_tests/include/test_utils.h
Examining data/libtins-4.0/tests/active_tests/include/utils_tests.h
Examining data/libtins-4.0/tests/active_tests/src/active_test.cpp
Examining data/libtins-4.0/tests/active_tests/src/active_test_runner.cpp
Examining data/libtins-4.0/tests/active_tests/src/configuration.cpp
Examining data/libtins-4.0/tests/active_tests/src/ipv4_tests.cpp
Examining data/libtins-4.0/tests/active_tests/src/main.cpp
Examining data/libtins-4.0/tests/active_tests/src/packet_capturer.cpp
Examining data/libtins-4.0/tests/active_tests/src/tcp_tests.cpp
Examining data/libtins-4.0/tests/active_tests/src/test_utils.cpp
Examining data/libtins-4.0/tests/active_tests/src/utils_test.cpp
Examining data/libtins-4.0/tests/include/tests/dot11.h
Examining data/libtins-4.0/tests/include/tests/dot11_control.h
Examining data/libtins-4.0/tests/include/tests/dot11_data.h
Examining data/libtins-4.0/tests/include/tests/dot11_mgmt.h
Examining data/libtins-4.0/tests/src/address_range_test.cpp
Examining data/libtins-4.0/tests/src/allocators_test.cpp
Examining data/libtins-4.0/tests/src/arp_test.cpp
Examining data/libtins-4.0/tests/src/dhcp_test.cpp
Examining data/libtins-4.0/tests/src/dhcpv6_test.cpp
Examining data/libtins-4.0/tests/src/dns_test.cpp
Examining data/libtins-4.0/tests/src/dot11/ack_test.cpp
Examining data/libtins-4.0/tests/src/dot11/assoc_request_test.cpp
Examining data/libtins-4.0/tests/src/dot11/assoc_response_test.cpp
Examining data/libtins-4.0/tests/src/dot11/authentication_test.cpp
Examining data/libtins-4.0/tests/src/dot11/beacon_test.cpp
Examining data/libtins-4.0/tests/src/dot11/block_ack_request_test.cpp
Examining data/libtins-4.0/tests/src/dot11/cf_end_ack_test.cpp
Examining data/libtins-4.0/tests/src/dot11/cf_end_test.cpp
Examining data/libtins-4.0/tests/src/dot11/data_test.cpp
Examining data/libtins-4.0/tests/src/dot11/deauthentication_test.cpp
Examining data/libtins-4.0/tests/src/dot11/disassoc_test.cpp
Examining data/libtins-4.0/tests/src/dot11/dot11_test.cpp
Examining data/libtins-4.0/tests/src/dot11/probe_request_test.cpp
Examining data/libtins-4.0/tests/src/dot11/probe_response_test.cpp
Examining data/libtins-4.0/tests/src/dot11/ps_poll_test.cpp
Examining data/libtins-4.0/tests/src/dot11/reassoc_request_test.cpp
Examining data/libtins-4.0/tests/src/dot11/reassoc_response_test.cpp
Examining data/libtins-4.0/tests/src/dot11/rts_test.cpp
Examining data/libtins-4.0/tests/src/dot1q_test.cpp
Examining data/libtins-4.0/tests/src/ethernet_test.cpp
Examining data/libtins-4.0/tests/src/hw_address_test.cpp
Examining data/libtins-4.0/tests/src/icmp_extension_test.cpp
Examining data/libtins-4.0/tests/src/icmp_test.cpp
Examining data/libtins-4.0/tests/src/icmpv6_test.cpp
Examining data/libtins-4.0/tests/src/ip_address_test.cpp
Examining data/libtins-4.0/tests/src/ip_reassembler_test.cpp
Examining data/libtins-4.0/tests/src/ip_test.cpp
Examining data/libtins-4.0/tests/src/ipsec_test.cpp
Examining data/libtins-4.0/tests/src/ipv6_address_test.cpp
Examining data/libtins-4.0/tests/src/ipv6_test.cpp
Examining data/libtins-4.0/tests/src/llc_test.cpp
Examining data/libtins-4.0/tests/src/loopback_test.cpp
Examining data/libtins-4.0/tests/src/main_test.cpp
Examining data/libtins-4.0/tests/src/matches_response_test.cpp
Examining data/libtins-4.0/tests/src/mpls_test.cpp
Examining data/libtins-4.0/tests/src/network_interface_test.cpp
Examining data/libtins-4.0/tests/src/offline_packet_filter_test.cpp
Examining data/libtins-4.0/tests/src/pdu_iterator_test.cpp
Examining data/libtins-4.0/tests/src/pdu_test.cpp
Examining data/libtins-4.0/tests/src/pktap_test.cpp
Examining data/libtins-4.0/tests/src/ppi_test.cpp
Examining data/libtins-4.0/tests/src/pppoe_test.cpp
Examining data/libtins-4.0/tests/src/radiotap_test.cpp
Examining data/libtins-4.0/tests/src/raw_pdu_test.cpp
Examining data/libtins-4.0/tests/src/rc4_eapol_test.cpp
Examining data/libtins-4.0/tests/src/rsn_eapol_test.cpp
Examining data/libtins-4.0/tests/src/sll_test.cpp
Examining data/libtins-4.0/tests/src/snap_test.cpp
Examining data/libtins-4.0/tests/src/stp_test.cpp
Examining data/libtins-4.0/tests/src/tcp_ip_test.cpp
Examining data/libtins-4.0/tests/src/tcp_stream_test.cpp
Examining data/libtins-4.0/tests/src/tcp_test.cpp
Examining data/libtins-4.0/tests/src/udp_test.cpp
Examining data/libtins-4.0/tests/src/utils_test.cpp
Examining data/libtins-4.0/tests/src/wep_decrypt_test.cpp
Examining data/libtins-4.0/tests/src/wpa2_decrypt_test.cpp
FINAL RESULTS:
data/libtins-4.0/examples/portscan.cpp:87:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ports_to_scan.insert(atoi(ports[i].c_str()));
data/libtins-4.0/include/tins/hw_address.h:133:18: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(buffer_, ptr, address_size);
data/libtins-4.0/include/tins/memory_helpers.h:52:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(output_buffer, buffer, size);
data/libtins-4.0/include/tins/memory_helpers.h:61:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(buffer, ptr, size);
data/libtins-4.0/include/tins/memory_helpers.h:66:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(buffer, &value, sizeof(value));
data/libtins-4.0/include/tins/memory_helpers.h:188:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(buffer_, &*start, length);
data/libtins-4.0/include/tins/pdu_cacher.h:151:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(buffer, &*cached_serialization_.begin(), cached_serialization_.size());
data/libtins-4.0/include/tins/pdu_option.h:259:18: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(payload_.small_buffer, rhs.data_ptr(), rhs.data_size());
data/libtins-4.0/include/tins/pdu_option.h:402:22: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(payload_.small_buffer, &*start, total_size);
data/libtins-4.0/src/dhcpv6.cpp:36:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
using std::memcpy;
data/libtins-4.0/src/dhcpv6.cpp:56:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[index], &uint16_t_buffer, sizeof(uint16_t));
data/libtins-4.0/src/dhcpv6.cpp:59:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&*buffer.begin() + index, &*start->begin(), start->size());
data/libtins-4.0/src/dhcpv6.cpp:74:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&size, ptr + index, sizeof(uint16_t));
data/libtins-4.0/src/dns.cpp:40:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
using std::memcpy;
data/libtins-4.0/src/dns.cpp:346:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&index, ptr, sizeof(uint16_t));
data/libtins-4.0/src/dns.cpp:370:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(current_out_ptr, ptr, size);
data/libtins-4.0/src/dns.cpp:392:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
output += sprintf(
data/libtins-4.0/src/dns.cpp:415:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dname[256], small_addr_buf[256];
data/libtins-4.0/src/dns.cpp:502:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&index, ptr, sizeof(uint16_t));
data/libtins-4.0/src/dns.cpp:506:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &index, sizeof(uint16_t));
data/libtins-4.0/src/dns.cpp:529:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&type, ptr, sizeof(uint16_t));
data/libtins-4.0/src/dns.cpp:533:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&size, ptr, sizeof(uint16_t));
data/libtins-4.0/src/dns.cpp:553:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/libtins-4.0/src/dot11/dot11_base.cpp:206:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(addr.sll_addr), header_.addr1, 6);
data/libtins-4.0/src/dot11/dot11_control.cpp:236:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bitmap_, bit, bitmap_size);
data/libtins-4.0/src/dot3.cpp:111:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(addr.sll_addr), header_.dst_mac, sizeof(header_.dst_mac));
data/libtins-4.0/src/dot3.cpp:153:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(addr.sll_addr), header_.dst_mac, sizeof(header_.dst_mac));
data/libtins-4.0/src/eapol.cpp:37:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
using std::memcpy;
data/libtins-4.0/src/eapol.cpp:107:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, &header_, sizeof(header_));
data/libtins-4.0/src/eapol.cpp:193:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header_.nonce, ptr, nonce_size);
data/libtins-4.0/src/eapol.cpp:197:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header_.rsc, ptr, rsc_size);
data/libtins-4.0/src/eapol.cpp:201:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header_.id, ptr, id_size);
data/libtins-4.0/src/eapol.cpp:209:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header_.mic, ptr, mic_size);
data/libtins-4.0/src/ethernetII.cpp:134:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(addr.sll_addr), header_.dst_mac, address_type::address_size);
data/libtins-4.0/src/ethernetII.cpp:198:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(addr.sll_addr), header_.dst_mac, address_type::address_size);
data/libtins-4.0/src/icmp.cpp:279:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + 2, &header_.check, sizeof(uint16_t));
data/libtins-4.0/src/icmp_extension.cpp:184:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(original_ptr + sizeof(uint16_t), &checksum, sizeof(checksum));
data/libtins-4.0/src/icmpv6.cpp:383:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + 2, &header_.cksum, sizeof(uint16_t));
data/libtins-4.0/src/icmpv6.cpp:1015:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&output.lifetime, ptr + 2, sizeof(uint32_t));
data/libtins-4.0/src/ip.cpp:529:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&uint32_t_buffer, route, sizeof(uint32_t));
data/libtins-4.0/src/ipsec.cpp:36:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
using std::memcpy;
data/libtins-4.0/src/ipv6.cpp:298:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t*)&link_addr.sin6_addr, header_.dst_addr, address_type::address_size);
data/libtins-4.0/src/ipv6_address.cpp:52:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
using std::memcpy;
data/libtins-4.0/src/ipv6_address.cpp:82:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(address_, ptr, address_size);
data/libtins-4.0/src/ipv6_address.cpp:112:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[INET6_ADDRSTRLEN];
data/libtins-4.0/src/network_interface.cpp:262:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iface_name[IF_NAMESIZE];
data/libtins-4.0/src/packet_sender.cpp:185:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error[PCAP_ERRBUF_SIZE];
data/libtins-4.0/src/packet_sender.cpp:213:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sock = open(oss.str().c_str(), O_RDWR);
data/libtins-4.0/src/pdu_option.cpp:42:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
using std::memcpy;
data/libtins-4.0/src/pppoe.cpp:38:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
using std::memcpy;
data/libtins-4.0/src/pppoe.cpp:158:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[0], &tmp_vendor_id, sizeof(uint32_t));
data/libtins-4.0/src/radiotap.cpp:54:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
using std::memcpy;
data/libtins-4.0/src/radiotap.cpp:68:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(buffer, &value, sizeof(value));
data/libtins-4.0/src/radiotap.cpp:147:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, &new_freq, sizeof(new_freq));
data/libtins-4.0/src/radiotap.cpp:148:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + sizeof(new_freq), &new_type, sizeof(new_type));
data/libtins-4.0/src/radiotap.cpp:187:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, &new_xchannel, sizeof(new_xchannel));
data/libtins-4.0/src/radiotap.cpp:193:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, &new_mcs, sizeof(new_mcs));
data/libtins-4.0/src/radiotap.cpp:260:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&output, opt.data_ptr(), sizeof(uint16_t));
data/libtins-4.0/src/radiotap.cpp:267:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&output, opt.data_ptr() + sizeof(uint16_t), sizeof(uint16_t));
data/libtins-4.0/src/sniffer.cpp:313:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error[PCAP_ERRBUF_SIZE];
data/libtins-4.0/src/sniffer.cpp:396:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error[PCAP_ERRBUF_SIZE];
data/libtins-4.0/src/sniffer.cpp:412:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error[PCAP_ERRBUF_SIZE];
data/libtins-4.0/src/udp.cpp:95:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer, ptr, sizeof(uint16_t));
data/libtins-4.0/src/utils/checksum_utils.cpp:37:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
using std::memcpy;
data/libtins-4.0/src/utils/checksum_utils.cpp:62:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer, ptr, sizeof(uint16_t));
data/libtins-4.0/src/utils/radiotap_writer.cpp:69:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(const_cast<uint8_t*>(parser.current_option_ptr()),
data/libtins-4.0/src/utils/radiotap_writer.cpp:104:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&*buffer_.begin(), &flags, sizeof(flags));
data/libtins-4.0/src/utils/routing_utils.cpp:182:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iface_name[IF_NAMESIZE];
data/libtins-4.0/src/utils/routing_utils.cpp:212:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iface_name[IF_NAMESIZE];
data/libtins-4.0/tests/src/radiotap_test.cpp:651:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, &value, sizeof(value));
data/libtins-4.0/tests/src/radiotap_test.cpp:657:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, &value, sizeof(value));
data/libtins-4.0/tests/src/radiotap_test.cpp:671:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, &value, sizeof(value));
data/libtins-4.0/include/tins/ipv6_address.h:139:21: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return std::equal(begin(), end(), rhs.address_);
data/libtins-4.0/include/tins/memory_helpers.h:79:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
T read() {
data/libtins-4.0/include/tins/memory_helpers.h:81:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(output);
data/libtins-4.0/include/tins/memory_helpers.h:87:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return Endian::le_to_host(read<T>());
data/libtins-4.0/include/tins/memory_helpers.h:92:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return Endian::be_to_host(read<T>());
data/libtins-4.0/include/tins/memory_helpers.h:96:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read(T& value) {
data/libtins-4.0/include/tins/memory_helpers.h:116:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read(void* output_buffer, size_t output_buffer_size) {
data/libtins-4.0/include/tins/memory_helpers.h:140:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read(std::vector<uint8_t>& value, size_t count);
data/libtins-4.0/include/tins/memory_helpers.h:141:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read(HWAddress<6>& address);
data/libtins-4.0/include/tins/memory_helpers.h:142:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read(IPv4Address& address);
data/libtins-4.0/include/tins/memory_helpers.h:143:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read(IPv6Address& address);
data/libtins-4.0/src/arp.cpp:67:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/bootp.cpp:50:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(bootp_);
data/libtins-4.0/src/bootp.cpp:54:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(vend_, vend_field_size);
data/libtins-4.0/src/crypto.cpp:51:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
using std::equal;
data/libtins-4.0/src/crypto.cpp:463:10: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal(MIC, MIC + RSNEAPOL::mic_size, last_hs.mic())) {
data/libtins-4.0/src/crypto.cpp:546:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(nice_MIC, nice_MIC + sizeof(nice_MIC), MIC)) {
data/libtins-4.0/src/dhcp.cpp:64:42: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const uint32_t magic_number = stream.read<uint32_t>();
data/libtins-4.0/src/dhcp.cpp:72:43: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
option_type = (OptionTypes)stream.read<uint8_t>();
data/libtins-4.0/src/dhcp.cpp:75:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
option_length = stream.read<uint8_t>();
data/libtins-4.0/src/dhcpv6.cpp:37:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
using std::equal;
data/libtins-4.0/src/dhcpv6.cpp:115:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(&header_data_, required_size);
data/libtins-4.0/src/dhcpv6.cpp:117:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(link_addr_);
data/libtins-4.0/src/dhcpv6.cpp:118:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(peer_addr_);
data/libtins-4.0/src/dhcpv6.cpp:202:16: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return equal(header_data_ + 1, header_data_ + 4, ptr + 1);
data/libtins-4.0/src/dhcpv6.cpp:456:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(output.lladdress, stream.size());
data/libtins-4.0/src/dhcpv6.cpp:477:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(output.identifier, stream.size());
data/libtins-4.0/src/dhcpv6.cpp:497:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(output.lladdress, stream.size());
data/libtins-4.0/src/dhcpv6.cpp:520:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(output.options, stream.size());
data/libtins-4.0/src/dhcpv6.cpp:531:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(output.options, stream.size());
data/libtins-4.0/src/dhcpv6.cpp:541:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(output.address);
data/libtins-4.0/src/dhcpv6.cpp:544:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(output.options, stream.size());
data/libtins-4.0/src/dhcpv6.cpp:554:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.protocol = stream.read<uint8_t>();
data/libtins-4.0/src/dhcpv6.cpp:555:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.algorithm = stream.read<uint8_t>();
data/libtins-4.0/src/dhcpv6.cpp:556:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.rdm = stream.read<uint8_t>();
data/libtins-4.0/src/dhcpv6.cpp:558:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(output.auth_info, stream.size());
data/libtins-4.0/src/dhcpv6.cpp:580:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(output.data, stream.size());
data/libtins-4.0/src/dns.cpp:62:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/dns.cpp:63:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(records_data_, stream.size());
data/libtins-4.0/src/dns.cpp:83:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
uint8_t value = stream.read<uint8_t>();
data/libtins-4.0/src/dns.cpp:439:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
data = stream.read<IPv6Address>().to_string();
data/libtins-4.0/src/dns.cpp:442:42: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
inline_convert_v4(stream.read<uint32_t>(), small_addr_buf);
data/libtins-4.0/src/dot11/dot11_assoc.cpp:53:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(body_);
data/libtins-4.0/src/dot11/dot11_assoc.cpp:81:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(body_);
data/libtins-4.0/src/dot11/dot11_assoc.cpp:109:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(body_);
data/libtins-4.0/src/dot11/dot11_assoc.cpp:141:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(body_);
data/libtins-4.0/src/dot11/dot11_assoc.cpp:173:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(body_);
data/libtins-4.0/src/dot11/dot11_auth.cpp:53:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(body_);
data/libtins-4.0/src/dot11/dot11_auth.cpp:89:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(body_);
data/libtins-4.0/src/dot11/dot11_base.cpp:73:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/dot11/dot11_base.cpp:85:66: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
OptionTypes opcode = static_cast<OptionTypes>(stream.read<uint8_t>());
data/libtins-4.0/src/dot11/dot11_base.cpp:86:37: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
uint8_t length = stream.read<uint8_t>();
data/libtins-4.0/src/dot11/dot11_beacon.cpp:53:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(body_);
data/libtins-4.0/src/dot11/dot11_control.cpp:65:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(taddr_);
data/libtins-4.0/src/dot11/dot11_control.cpp:156:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(bar_control_);
data/libtins-4.0/src/dot11/dot11_control.cpp:157:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(start_sequence_);
data/libtins-4.0/src/dot11/dot11_control.cpp:206:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(bar_control_);
data/libtins-4.0/src/dot11/dot11_control.cpp:207:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(start_sequence_);
data/libtins-4.0/src/dot11/dot11_control.cpp:208:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(bitmap_);
data/libtins-4.0/src/dot11/dot11_data.cpp:69:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(ext_header_);
data/libtins-4.0/src/dot11/dot11_data.cpp:71:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(addr4_);
data/libtins-4.0/src/dot11/dot11_data.cpp:138:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(qos_control_);
data/libtins-4.0/src/dot11/dot11_mgmt.cpp:56:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(ext_header_);
data/libtins-4.0/src/dot11/dot11_mgmt.cpp:58:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(addr4_);
data/libtins-4.0/src/dot11/dot11_mgmt.cpp:509:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.hop_set = stream.read<uint8_t>();
data/libtins-4.0/src/dot11/dot11_mgmt.cpp:510:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.hop_pattern = stream.read<uint8_t>();
data/libtins-4.0/src/dot11/dot11_mgmt.cpp:511:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.hop_index = stream.read<uint8_t>();
data/libtins-4.0/src/dot11/dot11_mgmt.cpp:522:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.cfp_count = stream.read<uint8_t>();
data/libtins-4.0/src/dot11/dot11_mgmt.cpp:523:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.cfp_period = stream.read<uint8_t>();
data/libtins-4.0/src/dot11/dot11_mgmt.cpp:607:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.quiet_count = stream.read<uint8_t>();
data/libtins-4.0/src/dot11/dot11_mgmt.cpp:608:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.quiet_period = stream.read<uint8_t>();
data/libtins-4.0/src/dot11/dot11_mgmt.cpp:622:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.channel_utilization = stream.read<uint8_t>();
data/libtins-4.0/src/dot11/dot11_probe.cpp:69:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(body_);
data/libtins-4.0/src/dot1q.cpp:56:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/dot3.cpp:48:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
using std::equal;
data/libtins-4.0/src/dot3.cpp:72:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/eapol.cpp:63:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/eapol.cpp:122:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/eapol.cpp:124:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(key_, key_length());
data/libtins-4.0/src/eapol.cpp:183:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/eapol.cpp:185:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(key_, wpa_length());
data/libtins-4.0/src/ethernetII.cpp:76:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/hw_address.cpp:41:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
using std::equal;
data/libtins-4.0/src/hw_address.cpp:108:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return equal(start1, end1, start2);
data/libtins-4.0/src/icmp.cpp:64:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/icmp.cpp:66:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
original_timestamp(stream.read<uint32_t>());
data/libtins-4.0/src/icmp.cpp:67:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
receive_timestamp(stream.read<uint32_t>());
data/libtins-4.0/src/icmp.cpp:68:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
transmit_timestamp(stream.read<uint32_t>());
data/libtins-4.0/src/icmp.cpp:71:42: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
address_mask(address_type(stream.read<uint32_t>()));
data/libtins-4.0/src/icmp_extension.cpp:60:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
extension_class_ = stream.read<uint8_t>();
data/libtins-4.0/src/icmp_extension.cpp:61:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
extension_type_ = stream.read<uint8_t>();
data/libtins-4.0/src/icmp_extension.cpp:67:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(payload_, length);
data/libtins-4.0/src/icmp_extension.cpp:113:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
version_and_reserved_ = stream.read<uint16_t>();
data/libtins-4.0/src/icmp_extension.cpp:114:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
checksum_ = stream.read<uint16_t>();
data/libtins-4.0/src/icmp_extension.cpp:143:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
uint32_t actual_checksum = input.read<uint16_t>();
data/libtins-4.0/src/icmp_extension.cpp:144:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
uint16_t checksum = input.read<uint16_t>();
data/libtins-4.0/src/icmpv6.cpp:58:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/icmpv6.cpp:60:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
target_address_ = stream.read<ipaddress_type>();
data/libtins-4.0/src/icmpv6.cpp:63:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dest_address_ = stream.read<ipaddress_type>();
data/libtins-4.0/src/icmpv6.cpp:66:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
reach_time_ = stream.read<uint32_t>();
data/libtins-4.0/src/icmpv6.cpp:67:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
retrans_timer_ = stream.read<uint32_t>();
data/libtins-4.0/src/icmpv6.cpp:79:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(multicast_address_);
data/libtins-4.0/src/icmpv6.cpp:83:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(mlqm_);
data/libtins-4.0/src/icmpv6.cpp:87:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(address);
data/libtins-4.0/src/icmpv6.cpp:105:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const uint8_t opt_type = stream.read<uint8_t>();
data/libtins-4.0/src/icmpv6.cpp:106:64: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const uint32_t opt_size = static_cast<uint32_t>(stream.read<uint8_t>()) * 8;
data/libtins-4.0/src/icmpv6.cpp:837:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(output.reserved, 6);
data/libtins-4.0/src/icmpv6.cpp:839:43: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.addresses.push_back(stream.read<ICMPv6::ipaddress_type>());
data/libtins-4.0/src/icmpv6.cpp:867:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.prefix_len = stream.read<uint8_t>();
data/libtins-4.0/src/icmpv6.cpp:869:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.A = (stream.read<uint8_t>() >> 6) & 0x1;
data/libtins-4.0/src/icmpv6.cpp:873:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.prefix = stream.read<ICMPv6::ipaddress_type>();
data/libtins-4.0/src/icmpv6.cpp:887:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(output.key_hash, sizeof(output.key_hash));
data/libtins-4.0/src/icmpv6.cpp:899:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.option_code = stream.read<uint8_t>();
data/libtins-4.0/src/icmpv6.cpp:900:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.prefix_len = stream.read<uint8_t>();
data/libtins-4.0/src/icmpv6.cpp:903:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(output.address);
data/libtins-4.0/src/icmpv6.cpp:914:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.pref = stream.read<uint8_t>() & 0x0f;
data/libtins-4.0/src/icmpv6.cpp:915:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.r = (stream.read<uint8_t>() >> 7) & 0x01;
data/libtins-4.0/src/icmpv6.cpp:917:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(output.address);
data/libtins-4.0/src/icmpv6.cpp:927:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.prefix_len = stream.read<uint8_t>();
data/libtins-4.0/src/icmpv6.cpp:928:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.pref = (stream.read<uint8_t>() >> 3) & 0x3;
data/libtins-4.0/src/icmpv6.cpp:943:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.servers.push_back(stream.read<ICMPv6::ipaddress_type>());
data/libtins-4.0/src/icmpv6.cpp:955:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.AT = (stream.read<uint8_t>() >> 4) & 0x3;
data/libtins-4.0/src/icmpv6.cpp:971:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.AT = (stream.read<uint8_t>() >> 4) & 0x3;
data/libtins-4.0/src/icmpv6.cpp:1043:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(output.reserved, 6);
data/libtins-4.0/src/icmpv6.cpp:1054:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.limit = stream.read<uint8_t>();
data/libtins-4.0/src/icmpv6.cpp:1055:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.reserved1 = stream.read<uint8_t>();
data/libtins-4.0/src/icmpv6.cpp:1076:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(type);
data/libtins-4.0/src/icmpv6.cpp:1077:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int aux_data_len = stream.read<uint8_t>() * sizeof(uint32_t);
data/libtins-4.0/src/icmpv6.cpp:1078:51: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int sources_count = Endian::be_to_host(stream.read<uint16_t>());
data/libtins-4.0/src/icmpv6.cpp:1079:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(multicast_address);
data/libtins-4.0/src/icmpv6.cpp:1081:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
sources.push_back(stream.read<ipaddress_type>());
data/libtins-4.0/src/ip.cpp:78:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/ip.cpp:89:64: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
option_identifier opt_type = (option_identifier)stream.read<uint8_t>();
data/libtins-4.0/src/ip.cpp:92:49: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const uint32_t option_size = stream.read<uint8_t>();
data/libtins-4.0/src/ip.cpp:511:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
uint32_t tcc = stream.read<uint8_t>();
data/libtins-4.0/src/ip.cpp:512:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
tcc = (tcc << 8) | stream.read<uint8_t>();
data/libtins-4.0/src/ip.cpp:513:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
tcc = (tcc << 8) | stream.read<uint8_t>();
data/libtins-4.0/src/ipsec.cpp:51:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/ipsec.cpp:60:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(icv_, icv_length);
data/libtins-4.0/src/ipsec.cpp:116:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/ipv6.cpp:63:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
current_header = stream.read<uint8_t>();
data/libtins-4.0/src/ipv6.cpp:64:65: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const uint32_t ext_size = (static_cast<uint32_t>(stream.read<uint8_t>()) + 1) * 8;
data/libtins-4.0/src/ipv6.cpp:81:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/ipv6.cpp:90:45: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const uint8_t ext_type = stream.read<uint8_t>();
data/libtins-4.0/src/ipv6.cpp:93:69: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const uint32_t ext_size = (static_cast<uint32_t>(stream.read<uint8_t>()) + 1) * 8;
data/libtins-4.0/src/ipv6.cpp:105:54: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const uint8_t opt_type = options.read<uint8_t>();
data/libtins-4.0/src/ipv6.cpp:109:54: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const uint8_t opt_size = options.read<uint8_t>();
data/libtins-4.0/src/llc.cpp:61:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/llc.cpp:68:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(control_field.unnumbered);
data/libtins-4.0/src/llc.cpp:74:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(control_field.info);
data/libtins-4.0/src/loopback.cpp:67:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
family_ = stream.read<uint32_t>();
data/libtins-4.0/src/memory_helpers.cpp:42:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void InputMemoryStream::read(vector<uint8_t>& value, size_t count) {
data/libtins-4.0/src/memory_helpers.cpp:50:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void InputMemoryStream::read(HWAddress<6>& address) {
data/libtins-4.0/src/memory_helpers.cpp:58:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void InputMemoryStream::read(IPv4Address& address) {
data/libtins-4.0/src/memory_helpers.cpp:59:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
address = IPv4Address(read<uint32_t>());
data/libtins-4.0/src/memory_helpers.cpp:62:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void InputMemoryStream::read(IPv6Address& address) {
data/libtins-4.0/src/mpls.cpp:48:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/mpls.cpp:53:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/packet_sender.cpp:220:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifr.ifr_name, iface.name().c_str(), sizeof(ifr.ifr_name) - 1);
data/libtins-4.0/src/packet_sender.cpp:439:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read;
data/libtins-4.0/src/packet_sender.cpp:465:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read > 0) {
data/libtins-4.0/src/packet_sender.cpp:472:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size = ::read(*it, buffer, buffer_size_);
data/libtins-4.0/src/pdu_option.cpp:76:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const T value = input.read<T>();
data/libtins-4.0/src/pdu_option.cpp:99:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
data.first = input.read<T>();
data/libtins-4.0/src/pdu_option.cpp:100:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
data.second = input.read<U>();
data/libtins-4.0/src/pdu_option.cpp:123:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.first = input.read<T>();
data/libtins-4.0/src/pdu_option.cpp:124:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
output.second = input.read<U>();
data/libtins-4.0/src/pdu_option.cpp:180:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const uint32_t ip_int = input.read<uint32_t>();
data/libtins-4.0/src/pdu_option.cpp:236:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const uint32_t ip_int = input.read<uint32_t>();
data/libtins-4.0/src/pktap.cpp:46:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/ppi.cpp:49:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/ppi.cpp:56:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(data_, options_length);
data/libtins-4.0/src/pppoe.cpp:55:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/pppoe.cpp:69:62: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
TagTypes opt_type = static_cast<TagTypes>(stream.read<uint16_t>());
data/libtins-4.0/src/pppoe.cpp:238:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(output.data, stream.size());
data/libtins-4.0/src/radiotap.cpp:84:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
input.read(header_);
data/libtins-4.0/src/sll.cpp:47:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/snap.cpp:54:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(snap_);
data/libtins-4.0/src/stp.cpp:47:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/tcp.cpp:68:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/tcp.cpp:83:61: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const OptionTypes option_type = (OptionTypes)stream.read<uint8_t>();
data/libtins-4.0/src/tcp.cpp:93:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
uint32_t len = stream.read<uint8_t>();
data/libtins-4.0/src/tcp_ip/flow.cpp:184:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return stream.read<IPv4Address>();
data/libtins-4.0/src/tcp_ip/flow.cpp:189:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return stream.read<IPv6Address>();
data/libtins-4.0/src/udp.cpp:60:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read(header_);
data/libtins-4.0/src/utils/checksum_utils.cpp:89:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
checksum += input_stream.read<uint16_t>();
data/libtins-4.0/tests/src/address_range_test.cpp:85:26: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(addr.begin(), addr.end(), addresses.begin()));
data/libtins-4.0/tests/src/address_range_test.cpp:93:26: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(addr.begin(), addr.end(), addresses.begin()));
data/libtins-4.0/tests/src/address_range_test.cpp:103:26: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(addr.begin(), addr.end(), addresses.begin()));
data/libtins-4.0/tests/src/address_range_test.cpp:116:26: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(addr.begin(), addr.end(), addresses.begin()));
data/libtins-4.0/tests/src/address_range_test.cpp:126:26: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(range1.begin(), range1.end(), range2.begin()));
data/libtins-4.0/tests/src/address_range_test.cpp:127:26: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(range2.begin(), range2.end(), range1.begin()));
data/libtins-4.0/tests/src/address_range_test.cpp:134:26: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(range1.begin(), range1.end(), range2.begin()));
data/libtins-4.0/tests/src/address_range_test.cpp:135:26: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(range2.begin(), range2.end(), range1.begin()));
data/libtins-4.0/tests/src/address_range_test.cpp:144:26: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(range1.begin(), range1.end(), range2.begin()));
data/libtins-4.0/tests/src/address_range_test.cpp:145:26: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(range2.begin(), range2.end(), range1.begin()));
data/libtins-4.0/tests/src/address_range_test.cpp:156:26: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(range1.begin(), range1.end(), range2.begin()));
data/libtins-4.0/tests/src/address_range_test.cpp:157:26: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(range2.begin(), range2.end(), range1.begin()));
data/libtins-4.0/tests/src/address_range_test.cpp:168:26: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(range1.begin(), range1.end(), range2.begin()));
data/libtins-4.0/tests/src/address_range_test.cpp:169:26: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(range2.begin(), range2.end(), range1.begin()));
data/libtins-4.0/tests/src/address_range_test.cpp:178:26: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(range1.begin(), range1.end(), range2.begin()));
data/libtins-4.0/tests/src/address_range_test.cpp:179:26: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(range2.begin(), range2.end(), range1.begin()));
data/libtins-4.0/tests/src/address_range_test.cpp:188:26: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(range1.begin(), range1.end(), range2.begin()));
data/libtins-4.0/tests/src/address_range_test.cpp:189:26: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(range2.begin(), range2.end(), range1.begin()));
data/libtins-4.0/tests/src/dhcp_test.cpp:175:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(option->data_ptr(), option->data_ptr() + option->data_size(), value));
data/libtins-4.0/tests/src/dhcp_test.cpp:270:26: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(it1->data_ptr(), it1->data_ptr() + it1->data_size(), it2->data_ptr()));
data/libtins-4.0/tests/src/dhcp_test.cpp:302:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/dns_test.cpp:171:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/dot11/ack_test.cpp:103:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/dot11/assoc_request_test.cpp:90:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/dot11/assoc_response_test.cpp:98:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/dot11/authentication_test.cpp:106:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/dot11/beacon_test.cpp:442:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(rates_parsed.begin(), rates_parsed.end(), rates));
data/libtins-4.0/tests/src/dot11/beacon_test.cpp:444:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(ext_rates_parsed.begin(), ext_rates_parsed.end(), ext_rates));
data/libtins-4.0/tests/src/dot11/beacon_test.cpp:458:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(serialized.begin(), serialized.end(), buffer));
data/libtins-4.0/tests/src/dot11/beacon_test.cpp:465:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/dot11/block_ack_request_test.cpp:94:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/dot11/cf_end_ack_test.cpp:78:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/dot11/cf_end_test.cpp:78:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/dot11/data_test.cpp:141:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/dot11/deauthentication_test.cpp:88:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/dot11/disassoc_test.cpp:89:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/dot11/dot11_test.cpp:165:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(hwaddr.begin(), hwaddr.end(), option->data_ptr()));
data/libtins-4.0/tests/src/dot11/dot11_test.cpp:172:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/dot11/probe_response_test.cpp:97:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/dot11/ps_poll_test.cpp:78:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/dot11/reassoc_request_test.cpp:97:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/dot11/reassoc_response_test.cpp:86:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/dot11/rts_test.cpp:78:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/ethernet_test.cpp:123:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(serialized.begin(), serialized.end(), smallip_packet));
data/libtins-4.0/tests/src/hw_address_test.cpp:26:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(addr.begin(), addr.end(), empty_addr));
data/libtins-4.0/tests/src/hw_address_test.cpp:96:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(addr.begin(), addr.end(), byte_address));
data/libtins-4.0/tests/src/hw_address_test.cpp:101:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(addr.begin(), addr.end(), byte_address));
data/libtins-4.0/tests/src/icmpv6_test.cpp:404:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(data.key_hash, data.key_hash + sizeof(data.key_hash), result.key_hash));
data/libtins-4.0/tests/src/icmpv6_test.cpp:407:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(data.signature.begin(), data.signature.end(), result.signature.begin()));
data/libtins-4.0/tests/src/icmpv6_test.cpp:447:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(data.address.begin(), data.address.end(), output.address.begin()));
data/libtins-4.0/tests/src/icmpv6_test.cpp:483:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(data.prefix.begin(), data.prefix.end(), output.prefix.begin()));
data/libtins-4.0/tests/src/ipv6_address_test.cpp:20:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(addr.begin(), addr.end(), empty_addr));
data/libtins-4.0/tests/src/ipv6_address_test.cpp:29:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(addr.begin(), addr.end(), some_addr));
data/libtins-4.0/tests/src/ipv6_address_test.cpp:38:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(addr.begin(), addr.end(), some_addr));
data/libtins-4.0/tests/src/ipv6_address_test.cpp:46:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(addr.begin(), addr.end(), some_addr));
data/libtins-4.0/tests/src/pdu_test.cpp:59:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(raw_payload.begin(), raw_payload.end(), raw->payload().begin()));
data/libtins-4.0/tests/src/pdu_test.cpp:71:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(raw->payload().begin(), raw->payload().end(), raw_payload.begin()));
data/libtins-4.0/tests/src/pdu_test.cpp:83:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(raw->payload().begin(), raw->payload().end(), raw_payload.begin()));
data/libtins-4.0/tests/src/radiotap_test.cpp:446:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/rc4_eapol_test.cpp:26:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(empty_iv, empty_iv + sizeof(empty_iv), eapol.key_iv()));
data/libtins-4.0/tests/src/rc4_eapol_test.cpp:29:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(empty_iv, empty_iv + sizeof(empty_iv), eapol.key_sign()));
data/libtins-4.0/tests/src/rc4_eapol_test.cpp:76:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(iv, iv + sizeof(iv), eapol.key_iv()));
data/libtins-4.0/tests/src/rc4_eapol_test.cpp:100:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(sign, sign + sizeof(sign), eapol.key_sign()));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:88:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(eapol1.key_iv(), eapol1.key_iv() + RSNEAPOL::key_iv_size, eapol2.key_iv()));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:89:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(eapol1.id(), eapol1.id() + RSNEAPOL::id_size, eapol2.id()));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:90:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(eapol1.rsc(), eapol1.rsc() + RSNEAPOL::rsc_size, eapol2.rsc()));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:92:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(eapol1.nonce(), eapol1.nonce() + RSNEAPOL::nonce_size, eapol2.nonce()));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:93:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(eapol1.mic(), eapol1.mic() + RSNEAPOL::mic_size, eapol2.mic()));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:108:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(empty_iv, empty_iv + sizeof(empty_iv), eapol.key_iv()));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:109:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(empty_rsc, empty_rsc + sizeof(empty_rsc), eapol.id()));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:110:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(empty_rsc, empty_rsc + sizeof(empty_rsc), eapol.rsc()));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:112:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(empty_nonce, empty_nonce + sizeof(empty_nonce), eapol.nonce()));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:113:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(empty_iv, empty_iv + sizeof(empty_iv), eapol.mic()));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:141:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(nonce, nonce + sizeof(nonce), eapol.nonce()));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:142:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(empty_iv, empty_iv + sizeof(empty_iv), eapol.key_iv()));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:143:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(rsc, rsc + sizeof(rsc), eapol.rsc()));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:144:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(id, id + sizeof(id), eapol.id()));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:145:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(mic, mic + sizeof(mic), eapol.mic()));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:149:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(key, key + sizeof(key), key_found.begin()));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:156:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:200:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:218:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(empty_iv, empty_iv + sizeof(empty_iv), eapol.key_iv()));
data/libtins-4.0/tests/src/rsn_eapol_test.cpp:224:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(nonce, nonce + sizeof(nonce), eapol.nonce()));
data/libtins-4.0/tests/src/sll_test.cpp:59:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
data/libtins-4.0/tests/src/tcp_stream_test.cpp:133:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(payload.begin(), payload.end(), session.client_payload().begin())) << "Payload differs for index " << index;
data/libtins-4.0/tests/src/tcp_test.cpp:254:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(buffer.begin(), buffer.end(), expected_packet));
ANALYSIS SUMMARY:
Hits = 344
Lines analyzed = 60461 in approximately 1.73 seconds (35047 lines/second)
Physical Source Lines of Code (SLOC) = 34144
Hits@level = [0] 1 [1] 272 [2] 72 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 345 [1+] 344 [2+] 72 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 10.1043 [1+] 10.075 [2+] 2.10872 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.